Security Bulletin: Security vulnerabilities affect libxml2 and gcc packages shipped with IBM CICS TX Advanced.

Summary IBM CICS TX Advanced is impacted by security vulnerabilities found in packages libxml2 and gcc. IBM CICS TX Advanced has been updated in order to address these vulnerabilities. Vulnerability Details CVEID:CVE-2022-49043 DESCRIPTION: xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11....

Ubuntu: Security Advisory (USN-7467-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7467-2: libxml2 vulnerabilities

USN-7467-1 fixed several vulnerabilities in libxml2. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use thi...

USN-7467-2 libxml2 vulnerabilities

USN-7467-1 fixed several vulnerabilities in libxml2. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use thi...

USN-7467-1: libxml2 vulnerabilities

It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. CVE-2025-32414 It was discovered that libxml2 incorrectly handled certain memory operations. A remot...

Security Bulletin: Security vulnerabilities affect multiple packages shipped with IBM CICS TX Advanced.

Summary IBM CICS TX Advanced is impacted by security vulnerabilities found in packages GLib2.0, libxml2, glibc , krb5 Kerberos, libtasn1-6, Expat, OpenSSL, GnuTLS and curl. These are shipped as part of the product. Vulnerability Details CVEID:CVE-2024-12133 DESCRIPTION: A flaw in libtasn1 causes...

Heap-based Buffer Under-read

libxml2.so is vulnerable to a Heap-based buffer under-read. The vulnerability is due to improper handling of identity constraints in the XML schema processing, specifically in the xmlSchemaIDCFillNodeTables function in xmlschemas.c, allows a heap-based buffer under-read when certain identity...

Mageia: Security Advisory (MGASA-2025-0139)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libxml2 Installed (macOS)

Binary data macoslibxml2installed.nbin...

libxml2 < 2.13.8 / 2.14.x < 2.14.2 Multiple Vulnerabilities (macOS)

The version of libxml2 installed on the remote host is affected by multiple vulnerabilities. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : libxml2 vulnerabilities (USN-7467-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7467-1 advisory. It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could...

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0...

Updated libxml2 packages fix security vulnerabilities

CVE-2025-32414 Buffer overflow when parsing text streams with Python API CVE-2025-32415 Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables...

MGASA-2025-0139 Updated libxml2 packages fix security vulnerabilities

CVE-2025-32414 Buffer overflow when parsing text streams with Python API CVE-2025-32415 Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables...

OESA-2025-1459 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2025-1458 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2025-1456 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-49043)

IBM SECURITY ADVISORY First Issued: Fri Apr 25 08:23:03 CDT 2025 |Updated: Mon May 5 14:46:26 CDT 2025 |Update: New iFixes provided for AIX 7.2 TL5 SP7, 7.3 TL1 SP2 and SP3, | 7.3 TL2 SP1, and VIOS 3.1.4.31. The new iFixes include a packaging | change to clarify that the iFixes are cumulative and...

AIX (IJ54258)

The version of AIX installed on the remote host is prior to APAR IJ54258. It is, therefore, affected by a vulnerability as referenced in the IJ54258 advisory. - xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043 Note that Nessus has not tested for this...

AIX (IJ54059)

The version of AIX installed on the remote host is prior to APAR IJ54059. It is, therefore, affected by a vulnerability as referenced in the IJ54059 advisory. - xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043 Note that Nessus has not tested for this...